Security Alerts and Updates

  Latest Security Updates for Apple Software→
•  AV Mac Security Test & Review 2019→
•  AV Real-World Protection Test July-August 2019→
•  AV Malware Protection Test September 2019→

October, 2019  (Click listings for more information) .
17  UC Browser Android users exposed to MiTM attacks.
17  Google Chrome 77 added new site isolation security features.
17  Stripe users targeted in phishing attack that steals banking info.
17  Amazon Echo and Kindle devices affected by WiFi bug.
16  Attackers hide backdoors & cryptominers in WAV audio files.
16  Another Win10 version 1903 cumulative update video bug.
16  Getting “unexpected error; quitting” in Win10 version 1903?
16  Malware uses your PC to send 30K sextortion emails per hr.
16  Domain typosquatters target the 2020 presidential election.
15  Symantec fixes bad IPS definitions that cause a Windows BSOD.
15  Adobe fixes 45 critical vulnerabilities in Acrobat and Reader.
15  2nd October cumulative updates posted – optional, non-security.
15  Samsung Galaxy S10 fingerprint reader defeated by silicone case.
14  Mozilla rolls out code injection attack protection in Firefox.
14  Facebook users locked out after reporting fake accounts.
14  How to make Windows 10 pause updates for a period of time.
14  Apple responds to reports that it sends user traffic to China.
14  Google & Yubico unveils new USB-C Titan Security Key.
14  Creating custom Sandbox configurations in Windows 10.
14  Microsoft now enables Win10 Tamper Protection by default.
13  This Week in Security – by Zack Whittaker.
13  Win10 version 1903 cumulative update & ASUS sound card bugs.
12  Use iTunes for Windows? Update Now!
12  Vulnerability found and fixed in HP bloatware.
12  Can now install Win10 version 1903 on Surface Book 2 PCs.
11  The Week in Ransomware – Decryptors Released!
11  Win10 KB4517389 update may cause Start Menu & Edge issues.
11  Microsoft fixes disappearing GPU issue on Surface Book 2.
11  Windows 10 Update Assistant vulnerability needs manual fix.
11  Google releases security updates for Chrome.
11  Windows 10 1703 is now end of service, no more updates.
10  Nemty Ransomware decryptor released, for free.
10  Microsoft won’t fix a security flaw in Windows 10 Mobile.
10  HP Touchpoint Analytics opens PCs to code execution attack.
10  Apple iTunes bug actively exploited in BitPaymer/iEncrypt campaign.
10  iTerm2 patches critical vulnerability active for 7 years.
09  Apple releases watchOS 5.3.2 for Apple Watch Series 4.
09  Patch Tuesday Lowdown, October 2019 Edition.
09  Beware of fake Amazon AWS suspension emails.
09  Patch Tuesday report: Looks like the fourth time’s a charm.
08  Win10 Servicing Stack Updates fix Secure Boot issues.
08  Here’s what’s new for Windows 8.1 and Windows 7.
08  Win10 cumulative update KB4517389 & KB4519338 released.
08  Microsoft releases the October security updates for Office.
08  Microsoft’s October Patch Tuesday fixes 59 vulnerabilities.
08  Win10 1803 users warned to update before end of support.
07  Twitter API leaves thousands of iOS Apps open to attacks.
07  RIP iTunes: Apple releases macOS 10.15 Catalina.
07  RobbinHood Ransomware using street cred to make victims pay.
07  Ransomware victim hacks back, releases decryption keys.
07  Some Windows 10 users can’t use Firefox for downloads.
06  Check if you are in the Sephora & StreetEasy data breaches.
06  DNS-over-HTTPS causes more problems than it solves.
05  HildaCrypt Ransomware developer releases decryption keys.
05  Optional cumulative update for 1903 breaks Search & VMware Workstation for some.
05  Win10 KB4524147 Update may cause boot & printing issues.
05  All out-of-band patches were re-issued in the past few hours.
04  Patch Lady – what’s the real risk?
04  The Week in Ransomware – That’s all Folks.
04  Windows 10 Cumulative Update breaks the Start menu.
04  Google says old Android vulnerability being used in the wild.
04  Magecart impacts hundreds of thousands of websites.
04  Trojan sets its sights on Microsoft Windows Defender.
03  Four U.S. food chains disclose payment card data theft.
03  Security updates released for all versions of Windows 10.
03  ‘Lost Files’ data wiper poses as a Windows security scanner.
03  Google Chrome to gradually start blocking mixed content.
03  WhatsApp flaw opens Android devices to remote code execution.
02  Google’s new privacy features for YouTube, Maps, & Assistant.
02  Google launches Password Checkup to verify security.
02  Security breach may impact orgs like Uber, Slack, & FCC.
02  American Express customer info accessed by employee.
02  Time to install Microsoft’s mainstream September patches.
01  Microsoft releases October 2019 Office updates with fixes.
01  Fake Office Activation Wizard docs used to spread Trojan.
01  Windows 10 1903 cumulative update breaks printing.
01  Hack allows reading of password protected PDF files.
01  Eight vulnerabilities found in Android’s VoIP components.

September, 2019  (Click listings for more information) .
30  ODT files deliver common remote access Trojans.
30  Free Ouroboros Ransomware decryption available.
30  Apple releases iOS 13.1.2 with more fixes.
30  Malvertiser uses WebKit exploit to infect over 1 billion ads.
30  Botched IE zero-day patch leaves cognoscenti fuming.
29  Win10 1903 on ARM gets a virtualization-based security feature.
29  This Week in Security – by Zack Whittaker.
27  The Week in Ransomware – Quiet Before the Storm?
27  Fake apps sneak gambling into iOS & Android App Stores.
27  Thousands of PCs affected by Nodersok/Divergent malware.
27  Adobe & Google open redirects used by phishing campaigns.
27  Win10 version 1903 declared ‘ready for broad deployment’.
27  Apple Releases Security Updates for multiple products.
26  Win10 1903 cumulative update fixes game audio issues.
26  DoorDash data breach exposes info of roughly 5 million users.
26  Win10 1903 cumulative update causes HP printer problems.
26  Win10 1903 cumulative update prevents installation of .NET 3.5.
25  U.S. veterans targeted with fake hiring website.
25  Google Chrome update behind recent unbootable Macs.
25  Decryptors released for three ransomware infections.
25  Cloudflare’s WARP secures iOS and Android web traffic.
24  Apple to fix iOS bug granting access to 3rd party keyboards.
24  iOS 13.1: The first iOS 13 update is out now.
24  Microsoft releases more Windows 10 cumulative updates.
24  Instagram users being targeted by a phishing campaign.
24  Avid users are finding that their Macs won’t boot.
24  Emotet tries to infect you by claiming it’s Snowden’s book.
23  Beware of Google Alert links leading to malware & scams.
23  Windows 10 cumulative updates with IE fixes released.
23  Windows security update for 0day vulnerability issued.
23  Google responds to privacy concerns of the Assistant.
23  Malicious Android apps evade Google Play Protect.
23   iOS 13 (?) may be leaking credit card numbers??
22  Why are patches so bad?
22  This Week in Security – by Zack Whittaker.
21  Apple not criticized for neutering ad blockers in Safari.
21  Microsoft marks two Windows 10 1903 issues as resolved.
20  The Week in Ransomware – Fairly Quiet.
20  Windows 7 gets oPatch security fixes after EoS.
20  Privilege escalation bug in Windows VPN client fixed.
20  Selfie Android apps install push ads, can record audio.
20  2 Chrome ad blocker extensions caught in ad fraud scheme.
19  Emotet Trojan continues to evolve, here is what we know.
19  Apple releases iOS 13 with dark mode and more.
19  Chrome Browser updated to patch critical security flaws.
19  Smart TVs and subscription services leak data to partners.
19  Problems continue to dog Microsoft Surface owners.
18  Windows Defender Antivirus scans broken after update.
18  Botnet targets U.S. taxpayers with tax refund notice.
18  Medical radiological images exposed on the Internet.
17  Beware of Venmo scams targeting users via text messages.
17  Misconfigured Google Calendars share events with everyone.
17  125 new flaws found in routers and NAS devices.
16  Google fixes Chromebook 2FA flaw in ‘built-in security key’.
16  Password-revealing bug quickly fixed in LastPass extensions.
16  How to enable Ransomware Protection in Windows 10.
16  PIN knockout bug with Win10 1903 cumulative update.
15  This Week in Security – by Zack Whittaker.
15  Windows 10 update causes network adapter failure for some users.
15  Latest Apple iOS 13 exploit can be overcome in two ways.
14  Window 10 1903 update released to fix USB microphones.
14  Workaround released for Windows 10 audio issues in games.
13  The Week in Ransomware – Exploit Kits.
13  iPhone iOS 13 lockscreen bypass flaw exposes contacts.
12  Windows 10 update is apparently also breaking audio in games.
12  Lenovo offers fix for orange screenshots in Windows 10 update.
12  Microsoft publishes solutions for Windows 10 search issues.
11  Apple adware, phishing, APT attacks threaten macOS users.
11  Intel patches flaw in Easy Streaming Wizard.
10  Mozilla increases browser privacy with encrypted DNS.
10  Intel Releases Security Updates.
10  What’s new in Chrome 77, arriving today.
10  Servicing stack updates released for all Windows 10 versions.
10  Microsoft fixes Windows 10 high CPU usage in Cortana.
10  Windows 10 KB4515384 and KB4512578 released with fixes.
10  Microsoft’s Patch Tuesday Fixes 79 Vulnerabilities.
10  Microsoft Releases Security Updates for Office.
10  September Patch Tuesday rolling out.
10  Adobe Releases Security Updates for Flash Player.
09  Exploit kits target Windows users with ransomware and trojans.
09  Telegram fixes privacy bug caused by improperly deleted messages.
09  Microsoft removes two Windows 10 1903 upgrade blocks.
09  Time to block Windows automatic update for Patch Tuesday.
08  This Week in Security – by Zack Whittaker.
08  Fake PayPal site spreads Nemty Ransomware.
07  The Windows 10 privacy settings you should check.
06  The Week in Ransomware – Three Week Roundup.
06  Public BlueKeep exploit module released by MetaSploit.
06  GootKit banking Trojan bypasses Windows Defender.
06  Time to install the August Windows patches.
06  Windows and AV software ignore malware in virtual disk files.
05  Twitter suspends SMS-based tweeting after hacks.
05  GPS trackers expose childrens’ real-time location.
05  Patching behavior in Win10 1903 changes dramatically.
04  Android zero-day bug does not make it on Google’s ‘fix’ list.
04  Essential, OnePlus, & Xiaomi join Google in releasing Android 10.
04  Huge database of Facebook users’ phone numbers found online.
04  Android Trojan spy signs you up for premium subscriptions.
04  Patch Lady – looking for options?
04  Android SMS phishing can enable malicious settings.
03  Spam In your Calendar? Here’s What to Do.
03  Microsoft releases non-security Office updates with fixes.
03  High CPU usage confirmed in Windows 10 1903 update.
03  Surface Pro 5 and 6 get new firmware updates.
03  Firefox 69 released with enhanced tracking protection.
02  Windows 10 1903 may cause Microsoft Visio to stall.
02  Patch Lady – Chrome is out…what’s in?
02  Firefox 69 officially due tomorrow.
02  The Different Types of Windows 10 Updates.
01  This Week in Security – by Zack Whittaker.

August, 2019  (Click listings for more information) .
31  Some Windows 10 users on 1903 are facing high CPU usage after latest cumulative updates.
31  Microsoft resolves six Windows 10 1903 issues.
30  Windows 10 1809 users can dismiss 1903 Update alerts.
30  TrickBot bypasses secure email gateway using Google Docs.
30  Windows 10 v1903 update released with sandbox fix & more.
30  Google warns iPhone users of data-stealing malware attacks.
30  The August 2019 Windows patches aren’t yet complete.
30  Foxit Software data breach exposed user passwords.
30  Don’t Play in Google’s Privacy Sandbox.
29  Ransomware Bites Dental Data Backup Firm.
29  Patch Lady – Avast does…what?
28  More battery issues reported on Microsoft’s Surface PCs.
28  TrickBot variant targets Verizon, T-Mobile, & Sprint Users.
28  Apple is changing the way it handles Siri recordings.
28  Patch block removed on Win7 systems running Norton, Symantec AV.
27  Android Trojan infects tens of thousands of devices.
27  Google releases security updates for Chrome.
27  Trojan Dropper malware found in Android app.
26  Patch Lady – I smell a Rat.
26  Apple releases multiple security updates.
26  Phishing campaign delivers RAT payloads via fake resumes.
26  Ransomware may spread via compromised RDP connections.
25  This Week in Security – by Zack Whittaker.
24  Microsoft blocks Windows 10 1903 update on Zebra tablets.
23  Lenovo high-severity bug found in pre-installed software.
23  IRS warns taxpayers of scam campaign distributing malware.
23  Windows 10 update breaks Bluetooth speakers connectivity.
23  Instagram phishing emails use fake login warning baits.
23  Emotet Botnet is back, servers active across the world.
23  Google Chrome to warn if logins are found in a data breach.
22  Steam patches LPE vulnerabilities in beta version update.
22  Breach at Hy-Vee tied to sale of stolen credit, debit cards.
22  Microsoft re-issues the Win7 VB/VBA/VBScript fixing patch.
22  Bitdefender fixes privilege escalation bug in free antivirus.
21  2nd Steam zero-day impacts over 96 million Windows users.
21  Phishing attacks scrape branded Microsoft 365 login pages.
21  Forced password reset? Check your assumptions.
21  Patch Lady – How to avoid using RDP in Windows.
20  Apple iOS update ends in jailbroken iPhones.
20  Symantec fixes the SHA-2 patch problem for Win7.
20  Windows Defender update fixes an issue with SFC /scannow.
20  Microsoft patches vulnerable Android Remote Desktop app.
20  Still no DejaBlue exploits generally available.
19  Microsoft releases Windows 10 version 1803 update.
19  VLC Media Player 3.0.8 released with 13 security fixes.
19  Hackers use fake NordVPN website to deliver banking Trojan.
18  Hy-Vee warns customers about point-of-sale breach.
18  This Week in Security – by Zack Whittaker.
18  Router network isolation broken by covert data exfiltration.
18  Steam accounts being stolen through free game scam.
18  Windows 10 updates  versions 1809, 1709, 1703, 1607, & 1507.
17  Microsoft confirms Windows 10 1903 update error 0x80073701.
17  Windows updates rolling out to fix Visual Basic issues.
17  Attack exploiting Bluetooth weakness can intercept sensitive data.
16  The Week in Ransomware – Fairly Slow.
16  Steam security saga continues with vulnerability fix bypass.
16  Mozilla Firefox bug let third-parties access saved passwords.
16  Phone numbers exposed by password reset processes.
16  Microsoft warns of phishing attacks using custom 404 pages.
15  Windows 10 1903 users report errors installing KB4512508.
15  Windows 10 updates cause Visual Basic apps to stop responding.
15  Unique Kaspersky AV user ID allowed 3rd-party web tracking.
15  Microsoft voicemail notifications used in phishing campaign.
15  Trend Micro fixes privilege escalation bug in Password Manager.
14  Microsoft releases the security updates for Office.
14  Chrome OS 76 brings virtual desktops & improved media controls.
14  Windows CTF flaws enable attackers to compromise systems.
14  Windows 7 SHA-2 updates blocked if Symantec, Norton AVs installed.
13  Patch Tuesday, August 2019 Edition, Krebs on Security.
13  Microsoft’s August 2019 Patch Tuesday fixes 96 vulnerabilities.
13  Windows 10 cumulative update KB4512508 & KB4511553 released.
13  Microsoft warns of new wormable Remote Desktop flaws.
13  August 2019 Security patches: It’s a biiiiiiiiig month.
13  Adobe releases security updates for Reader, Photoshop, & more.
12  Steam fixes security vulnerabilities, researchers don’t agree.
12  4G router vulnerabilities let attackers take full control.
12  Make sure Windows Auto Update is turned off temporarily.
12  Is Windows pushing you to upgrade? Don’t be bullied.
12  Beware of fake Microsoft account unusual sign-in activity emails.
11  Canon DSLR camera infected with ransomware over the air.
11  This Week in Security – by Zack Whittaker.
10  Over 40 Windows hardware drivers vulnerable to privilege escalation.
10  Google Chrome Incognito mode can still be detected.
09  The Week in Ransomware – Summer Doldrums.
09  Android apps with over 100M installs contain a clicker Trojan.
09  Websites can still detect if you’re using Incognito mode.
08  Steam zero-day vulnerability affects over 100 million users.
08  Microsoft warns against BlueKeep, advises users to update systems.
08  Patch Lady – Windows 10 patching podcast.
08  Microsoft contractors listen to some Skype calls.
07  State Farm accounts compromised in credential stuffing attack.
07  Who Owns Your Wireless Service? Crooks Do.
07  Microsoft ignored RDP vulnerability until it affected Hyper-V.
07  Patch lady – watch out for inplace upgrade side effects.
07  Microsoft releases August 2019 Office updates with fixes.
07  Leapfrog children’s tablet owners should remove Pet Chat now.
06  Some Surface users are unable to connect to 5GHz Wi-Fi after latest update.
06  Advanced Protection Program now scans for risky downloads in Chrome.
06  Vulnerability in modern CPUs fixed in Windows, Linux, ChromeOS.
06  Amazon phishing scam creates login prompts in PDF docs.
06  FBI warns of romance scams turning victims into money mules.
06  El Paso & Dayton tragedy-related scams & malware campaigns.
05  CafePress data breach exposes personal info of users.
05  Surface firmware/driver updates galore.
05  StockX hack exposes personal information of customers.
04  Beware of emails “Confirm Your Unsubscribe” requests.
04  This Week in Security – by Zack Whittaker.
04  Extortion emails on the rise: a look at the different types.
03  The Week in Ransomware – More of the Same.
02  NVIDIA patches security flaws in Windows GPU display driver.
02  It’s time to install most of July’s Windows & Office patches.
02  Multiple Surface devices get firmware and driver updates.
01  Adware abuses Microsoft Smartscreen to boost AV evasion.
01  New malware uses your PC to hide malicious traffic.
01  Some Windows 10 S users are unable to switch out of S mode.
01  FTC releases alert on the Capital One data breach.
01  The BlueKeep situation gets murkier.